Skip to content

Update dml-vs-2022.yml#19687

Merged
snnn merged 1 commit intomainfrom
snnn/patch-12
Feb 28, 2024
Merged

Update dml-vs-2022.yml#19687
snnn merged 1 commit intomainfrom
snnn/patch-12

Conversation

@snnn
Copy link
Copy Markdown
Contributor

@snnn snnn commented Feb 28, 2024

Description

Fix a build error in "Zip-Nuget-Java-Nodejs Packaging Pipeline" which deletes files too early.

Motivation and Context

@snnn snnn requested a review from a team February 28, 2024 04:18
@skottmckay
Copy link
Copy Markdown
Contributor

skottmckay commented Feb 28, 2024

Out of interest, why do we do the delete of the binaries directory content in the component governance task? Not clear how those are related.

It was originally added in this PR: #17192

Refers to: tools/ci_build/github/azure-pipelines/nuget/templates/dml-vs-2022.yml:302 in 6355bae. [](commit_id = 6355bae, deletion_comment = False)

@snnn snnn merged commit a93c31e into main Feb 28, 2024
@snnn snnn deleted the snnn/patch-12 branch February 28, 2024 20:03
@snnn
Copy link
Copy Markdown
Contributor Author

snnn commented Feb 28, 2024

It is because the build folder has a lot of 3rd-party dependencies that can raise unwanted alerts. For example, composable_kernel contains a requirements.txt file in their "docs/sphinx" folder. The requirements.txt file is for listing the dependencies that are needed for building the docs of composable_kernel. We do not do that and we do not install the packages from that requirements.txt . Therefor we need to delete the folder to avoid the package being reported to CG.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mszhanyi mszhanyi mszhanyi approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@snnn @skottmckay @mszhanyi